While most attacks take advantage of vulnerabilities that someone has already uncovered, a(n) ____ occurs when an attacker discovers and exploits a previously unknown flaw.

Zero Day

In a ____ attack, attackers can use hundreds or thousands of computers in an attack against a single computer or network.

Distributed

_____ ensures that only authorized parties can view information.

Confidentiality

_____ ensures that information is correct and that no unauthorized person or malicious software has altered that data.

Integrity

In information security, a loss can be _____.

all of the above

In information security, a threat agent can be defined as _____.

both a and b

Business ____ theft involves stealing proprietary business information such as research for a new drug or a list of customers that competitors are eager to acquire

data

According to the 2007 FBI Computer Crime and Security Survey, the loss due to the theft of confidential data for 494 respondents was approximately ____.

$10 million

____ involves using someone’s personal information, such as social security numbers, to establish bank or credit card accounts that are then left unpaid, leaving the victim with the debts and ruining their credit rating.

Cyberterrorism

Under the _____, healthcare enterprises must guard protected health information and implement policies and procedures to safeguard it, whether it be in paper or electronic format.

HIPAA

What is the maximum fine for those who wrongfully disclose individually identifiable health information with the intent to sell it?

$250,000

The _____ act is designed to broaden the surveillance of law enforcement agencies so they can detect and suppress terrorism

USA Patriot

COPPA requires operators of online services or Web sites designed for children under the age of _____ to obtain parental consent prior to the collection, use, disclosure, or display of a child’s personal information

13

In a company of 500 employees, it is estimated that _____ employees would be required to combat a virus attack.

five

The single most expensive malicious attack was the 2000 ____, which cost an estimated $8.7 billion

Love Bug

What is another name for unsolicited e-mail messages?

spam

According to the research group Postini, over ____ of daily e-mail messages are unsolicited and could be carrying a malicious payload

two-thirds

____ are a loose-knit network of attackers, identity thieves, and financial fraudsters

Cybercriminals

Targeted attacks against financial networks, unauthorized access to information, and the theft of personal information are sometimes known as ____.

cybercrime

A security ____ focuses on the administration and management of plans, policies, and people

manager

A study by Foote Partners showed that security certifications earn employees ____ percent more pay than their uncertified counterparts.

10 to 14

A computer ____ is a program that secretly attaches itself to a legitimate “carrier,” such as a document or program, and then executes when that document is opened or program is launched

virus

A ____ virus can interrupt almost any function executed by the computer operating system and alter it for its own malicious purposes.

resident

A ____ virus infects the Master Boot Record of a hard disk drive

boot

In order to avoid detection some viruses can alter how they appear. These are known as ____ viruses.

metamorphic

A ____ is a program advertised as performing one activity but actually does something else

Trojan

A ____ is a computer program or a part of a program that lies dormant until it is triggered by a specific logical event.

logic bomb

____ is image spam that is divided into multiple images.

GIF layering

____ involves horizontally separating words, although it is still readable by the human eye

Word splitting

____ uses “speckling” and different colors so that no two spam e-mails appear to be the same

Geometric variance

____ is a software program that delivers advertising content in a manner that is unexpected and unwanted by the user.

Adware

Today’s computer systems have a(n) ____ chip in which the contents can be rewritten to provide new functionality

PROM

Flash memory is a type of ____, nonvolatile computer memory that can be electrically erased and rewritten repeatedly.

EEPROM

A ____ is a single, dedicated hard disk-based file storage device that provides centralized and consolidated disk storage available to LAN users through a standard network connection

NAS

____ are portable communication devices that function in a manner that is unlike wired telephones

Cell phones

The ____ is the link between the cellular network and the wired telephone world and controls all transmitters and base stations in the cellular network

MTSO

____ is a means of managing and presenting computer resources by function without regard to their physical layout or location

Virtualization

One type of virtualization in which an entire operating system environment is simulated is known as ____ virtualization.

operating system

With operating system virtualization, a virtual machine is simulated as a self-contained software environment by the ____ system (the native operating system to the hardware).

host

Creating and managing multiple server operating systems is known as ____ virtualization

server

____ technology enables a virtual machine to be moved to a different physical computer with no impact to the users.

Live migration

Live migration can be used for ____; if the demand for a service or application increases, then network managers can quickly move this high-demand virtual machine to another physical server with more RAM or CPU resources.

load balancing

A ____ is a cumulative package of all security updates plus additional features

service pack

____ is a Windows Vista and Windows XP Service Pack 2 (SP2) feature that prevents attackers from using buffer overflow to execute malware

DEP

The goal of ____ is to make it harder to predict where the operating system functionality resides in memory

ASLR

The ____ are the operating system settings that impose how the policy will be enforced

configuration baselines

Instead of the Web server asking the user for the same information each time she visits that site, the server can store that user-specific information in a file on the user’s local computer and then retrieve it later. This file is called a(n) ____.

cookie

A(n) ____ is a computer programming language that is typically interpreted into a language the computer can understand

scripting language

____, also called add-ons, represent a specific way of implementing ActiveX and are sometimes called ActiveX applications

ActiveX controls

____ typically involves using client-side scripts written in JavaScript that are designed to extract information from the victim and then pass the information to the attacker.